﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Project.DTO;
using System.Data.Common;
using System.Data;
using System.Security.Cryptography;
using System.Text;

namespace Project.DAO
{
    public class userDAO
    {
        //get info user
        public static userDTO getUserByUserName(string username) {
            userDTO ust = new userDTO();

            DataProvider dp = new DataProvider();
            DbCommand command = dp.CreateCommand();
            command.CommandType = CommandType.StoredProcedure;
            command.CommandText = "spGetUserByUserName";

            DbParameter parm = command.CreateParameter();
            parm.ParameterName = "@username";
            parm.DbType = DbType.String;
            parm.Value = username;
            command.Parameters.Add(parm);

            DataTable dt = dp.ExecuteSelectCommand(command);

            for (int i = 0; i < dt.Rows.Count; i++)
            {

                ust.idUser = Int32.Parse(dt.Rows[i]["idUser"].ToString());
                ust.userName = dt.Rows[i]["userName"].ToString();
                ust.fullName = dt.Rows[i]["fullName"].ToString();
                ust.passWord = dt.Rows[i]["passWord"].ToString();
                ust.origin = dt.Rows[i]["origin"].ToString();              


            }

            return ust;
        }

        //check login
        public static Boolean userLogin(string username, string password) {
            Boolean flag = false;

            userDTO ust = new userDTO();
            ust = getUserByUserName(username);

            //MD5 hash
            //http:/www.codeproject.com/Articles/463390/Password-Encryption-using-MD5-Hash-Algorithm-in-Cs

            MD5 md5 = new MD5CryptoServiceProvider();
            md5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(password));
            byte[] result = md5.Hash;
            StringBuilder strBuilder = new StringBuilder();
            for (int i = 0; i < result.Length; i++)
            {
                strBuilder.Append(result[i].ToString("x2"));
            }

            password = strBuilder.ToString();
            //End MD5 hash

            if (ust.passWord!=null && ust.passWord.CompareTo(password.Trim()) == 0)
                flag = true;
            else
                return flag;
            return flag;
        }

        //insert new user
        public static Boolean insertNewUser(userDTO usn) {
            Boolean flag = false;

            userDTO ust = new userDTO();
            ust = getUserByUserName(usn.userName);
            if (ust.userName == null)
            {
                DataProvider dp = new DataProvider();

                DbCommand command = dp.CreateCommand();
                command.CommandType = CommandType.StoredProcedure;
                command.CommandText = "spRegisterUser";

                DbParameter parm = command.CreateParameter();
                parm.ParameterName = "@username";
                parm.DbType = DbType.String;
                parm.Value = usn.userName;
                command.Parameters.Add(parm);

                DbParameter parm1 = command.CreateParameter();
                parm1.ParameterName = "@fullname";
                parm1.DbType = DbType.String;
                parm1.Value = usn.fullName;
                command.Parameters.Add(parm1);

                DbParameter parm2 = command.CreateParameter();
                parm2.ParameterName = "@password";
                parm2.DbType = DbType.String;
                parm2.Value = usn.passWord;
                command.Parameters.Add(parm2);

                DbParameter parm3 = command.CreateParameter();
                parm3.ParameterName = "@origin1";
                parm3.DbType = DbType.String;
                parm3.Value = usn.origin;
                command.Parameters.Add(parm3);

                try
                {
                    dp.ExecuteNonQueryCommand(command);
                    flag = true;
                }
                catch {
                    return flag;
                }

            }
            else {
                return flag;
            }

            return flag;
        }

        //get a user
        public static userDTO getAUser(int iduser)
        {
            userDTO ust = new userDTO();

            DataProvider dp = new DataProvider();
            DbCommand command = dp.CreateCommand();
            command.CommandType = CommandType.StoredProcedure;
            command.CommandText = "spGetAUser";

            DbParameter parm = command.CreateParameter();
            parm.ParameterName = "@iduser";
            parm.DbType = DbType.Int32;
            parm.Value = iduser;
            command.Parameters.Add(parm);

            DataTable dt = dp.ExecuteSelectCommand(command);

            for (int i = 0; i < dt.Rows.Count; i++)
            {

                ust.idUser = Int32.Parse(dt.Rows[i]["idUser"].ToString());
                ust.userName = dt.Rows[i]["userName"].ToString();
                ust.fullName = dt.Rows[i]["fullName"].ToString();
                ust.passWord = dt.Rows[i]["passWord"].ToString();
                ust.origin = dt.Rows[i]["origin"].ToString();


            }

            return ust;
        }

        //get all user
        public static userDTO[] getAllUser()
        {
            List<userDTO> dsUser = new List<userDTO>();

            DataProvider dp = new DataProvider();

            DbCommand command = dp.CreateCommand();
            command.CommandType = CommandType.StoredProcedure;
            command.CommandText = "spGetAllUser";

            DataTable dt = dp.ExecuteSelectCommand(command);

            for (int i = 0; i < dt.Rows.Count; i++)
            {
                userDTO ust = new userDTO();

                ust.idUser = Int32.Parse(dt.Rows[i]["idUser"].ToString());
                ust.userName = dt.Rows[i]["userName"].ToString();
                ust.fullName = dt.Rows[i]["fullName"].ToString();
                ust.passWord = dt.Rows[i]["passWord"].ToString();
                ust.origin = dt.Rows[i]["origin"].ToString();

                dsUser.Add(ust);
            }

            return dsUser.ToArray<userDTO>();
        }

    }
}